By Marcos ColonIn case you didn’t notice during May’s Patch Tuesday release, Microsoft has banned SHA-1 certificates in Internet Explorer and Edge.Browsers will now flag SSL/TLS certificates that leverage the dated cryptographic hash function as insecure.This marks yet another step toward phasing out the use of the SHA-1 certificates – which date back to 1995 – that many browser vendors believe do not provide enough security, according to a report by CSO Online.“This change will only impact SHA-1 certificates that chain to a root in the Microsoft Trusted Root Program where the end-entity certificate or the issuing intermediate uses SHA-1,” Microsoft said in its security bulletin.Although enterprise or self-signed SHA-1 certificates aren’t impacted, the company goes on to recommend that customers “quickly migrate to SHA-2 based certificates.”
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



